A Python CLI and pyproject.toml configuration that let you release Python packages multiple times a day with only 2-clicks. Designed for uv-based Python projects, but usable for other projects too. The CLI operates through reusable GitHub Actions workflows as its CI delivery mechanism.
Maintainer-in-the-loop: nothing is done behind your back. A PR or issue is created every time a change is proposed or action is needed.
What it automates¶
Version bumping, git tagging, and GitHub release creation
Changelog management
Python package building and PyPI publishing with supply chain attestations
Cross-platform binary compilation (Linux / macOS / Windows, x86_64 / arm64)
Formatting autofix for Python, Markdown, JSON, Shell, and typos
Linting: Python types with mypy, YAML, GitHub Actions, workflow security, URLs, secrets, and Awesome lists
Synchronization of
uv.lock,.gitignore,.mailmap, and Mermaid dependency graphLabel management with file-based and content-based rules
Inactive issue locking
Static image optimization
Sphinx documentation building, deployment, and autodoc updates
Awesome list template synchronization
Why repomatic¶
18 third-party GitHub Actions replaced by internal CLI commands and SHA-256-verified binary downloads, keeping the supply chain attack surface minimal
8 Python linters and formatters (pylint, black, isort, pyupgrade, pydocstyle, pycln, docformatter, blacken-docs) consolidated into ruff
5 packaging and install tools (poetry, build, twine, check-wheel-contents, pip-audit) consolidated into uv
All
uses:references pinned to full commit SHAs via Renovate, with stabilization windows before adopting new versionsSLSA provenance attestations on every release artifact (wheels and compiled binaries)
VirusTotal scanning of compiled binaries to seed AV vendor databases and reduce false positives
Trusted Publishing for PyPI uploads: no long-lived tokens stored as secrets
Immutable releases enforced via GitHub’s tag protection and release locking
Workflow security linting with
zizmoron every push to catch dangerous triggers and excessive permissionsCredential scanning with
gitleaksto prevent secret leakageSingle
pyproject.tomlconfiguration: no extra dotfiles, no JSON configs, no YAML presets to maintain15+ code quality tools (ruff, mypy, biome, typos, mdformat, shfmt, yamllint, actionlint, lychee, oxipng, jpegoptim, pyproject-fmt, labelmaker, gitleaks, zizmor) managed through one
repomatic run <tool>interface with automatic installation and platform-specific binary caching
Quick start¶
$ cd my-project
$ uvx -- repomatic init
$ git add .
$ git commit -m "Add repomatic"
$ git push
Works for new and existing repositories. Managed files are always regenerated to the latest version; changelog.md is never overwritten. Push, and the workflows guide you through remaining setup via issues and PRs.
See repomatic init --help for available components and options.
Documentation¶
See the full documentation for:
Reusable workflow reference (all 13 workflows with job descriptions)
Used in¶
Check these projects to get real-life examples of usage and inspiration:
Awesome Falsehood - Falsehoods Programmers Believe in.
Awesome Engineering Team Management - How to transition from software development to engineering management.
Awesome IAM - Identity and Access Management knowledge for cloud platforms.
Awesome Billing - Billing & Payments knowledge for cloud platforms.
Meta Package Manager - A unifying CLI for multiple package managers.
Mail Deduplicate - A CLI to deduplicate similar emails.
dotfiles - macOS dotfiles for Python developers.
Click Extra - Extra colorization and configuration loading for Click.
repomatic - Itself. Eat your own dog-food.
Extra Platforms - Detect platforms and group them by family.
Send a PR to add your project if you use repomatic.
Development¶
See claude.md for development commands, code style, testing guidelines, and design principles.